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AMENDMENTS TO THE CLAIMS : 

This listing of claims will replace all prior versions and listings of claims in the 
application: 

1.-36. (Cancelled) 

37. (Currently Amended) A method of preventing intrusion in communication traffic 
with a set of machines in a network, said traffic comprising communication entities, comprising 
the steps of: 

providing a test system comprising test facilities replicating at least one of said machines 
in said set; 

directing at least part of said communication entities in said traffic toward said test 

system; 

running said communication entities directed toward said test system on said test 
facilities to detect possibly adverse effects on said test system , without providing a response, by 
said test facilities, to said communication entities ; and 

i) in the presence of an adverse effect, blocking, by said test facilities, the communication 
entities leading to said adverse effect, and 

ii) in the absence of an adverse effect, directing, by said test facilities, the communication 
entities not having the adverse effect to said set of machines. 

38. (Previously Presented) The method of claim 37, wherein said at least part of said 
communication entities directed toward said test system include communication entities from 
traffic bound toward said set of machines. 
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39. (Previously Presented) The method of claim 37, wherein said at least part of said 
communication entities directed toward said test system include communication entities from 
traffic coming from said set of machines. 

40. (Previously Presented) The method of claim 37, comprising the steps of: 
providing a data base comprising patterns representative of forbidden communication 

entities for communication with said set of machines; and 

blocking forbidden communication entities in said traffic as identified by respective 
patterns included in said data base. 

41 . (Previously Presented) The method of claim 37, comprising the steps of: 
providing a further data base comprising patterns representative of allowed 

communication entities for communication with said set of machines; and 

allowing communication of allowed communication entities in said traffic as identified 
by respective patterns included in said further data base. 

42. (Previously Presented) The method of claim 40, comprising the steps of: 
detecting unknown communication entities in said traffic as identified by respective 

unknown patterns not included in said data base; and 

directing said unknown communication entities in said traffic as identified by respective 
unknown patterns not included in said data base toward said test system to be run on said test 
facilities to detect possibly adverse effects on said test system. 

43 . (Previously Presented) The method of claim 42, comprising, in the presence of 
said adverse effect, the step of adding to said data base the respective pattern identifying the 
communication entity leading to said adverse effect. 
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44. (Previously Presented) The method of claim 4 1 , comprising the steps of: 
detecting unknown communication entities in said traffic as identified by respective 

unknown patterns not included in said further data base; and 

directing said unknown communication entities in said traffic as identified by respective 
unknown patterns not included in said further data base toward said test system to be run on said 
test facilities to detect possibly adverse effects on said test system. 

45. (Previously Presented) The method of claim 44, comprising, in the absence of 
said adverse effect, the step of adding to said further data base the respective pattern identifying 
the communication entity failing to lead to said adverse effect. 

46. (Previously Presented) The method of claim 37, comprising, in the presence of 
said adverse effect, the step of subjecting to a resetting step those of said test facilities in said test 
system affected by said adverse effect. 

47. (Previously Presented) The method of claim 37, wherein the machines in said set 
comprise facilities exposed to said adverse effect as well as additional contents, comprising the 
step of configuring said test facilities in order to replicate said facilities exposed to said adverse 
effect in the machines in said set. 

48. (Previously Presented) The method of claim 37, comprising the step of inhibiting 
said test facilities in said test system from providing responses to said traffic. 

49. (Previously Presented) The method of claim 37, comprising the steps of: 
providing an in-line component ensuring said traffic with said set of machines; and 
providing at least one interface interfacing said in-line component with said test system. 
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50. (Previously Presented) The method of claim 49, comprising the step of providing 
feedback from said test system to said in-line component via said at least one interface. 

5 1 . (Previously Presented) The method of claim 49, comprising the steps of: 
providing a management network for managing said test system; and 

providing feedback from said test system to said in-line component via said management 
network. 

52. (Previously Presented) The method of claim 43, comprising the steps of: 
providing a parallel intrusion preventing arrangement including a respective data base 

including patterns representative of respective forbidden communication entities for 
communication with a respective set of machines; and 

in the presence of said adverse effect, transmitting to said parallel intrusion preventing 
arrangement, for inclusion in said respective data base, the respective pattern identifying the 
communication entity leading to said adverse effect. 

53. (Previously Presented) The method of claim 45, comprising the steps of: 
providing a parallel intrusion preventing arrangement including a respective further data 

base including patterns representative of respective allowed communication entities for 
communication with a respective set of machines; and 

in the absence of said adverse effect, transmitting to said parallel intrusion preventing 
arrangement, for inclusion in said respective further data base, the respective pattern identifying 
the communication entity failing to lead to said adverse effect. 
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54. (Currently Amended) A system of preventing intrusion in communication traffic 
with a set of machines in a network, said traffic comprising communication entities, comprising: 

a test system comprising test facilities replicating at least one of said machines in said set; 

and 

a communication module configured for directing at least part of said communication 
entities in said traffic toward said test system, wherein said communication entities directed 
toward said test system are adapted to be run on said test facilities to detect possibly adverse 
effects on said test system, and wherein said test facilities do not provide a response to said 
communication entities, 

said communication module being further configured for 

i) in the presence of an adverse effect, blocking, by said test facilities, the communication 
entities leading to said adverse effect, and 

ii) in the absence of an adverse effect, directing, by said test facilities, the communication 
entities not having the adverse effect to said set of machines. 

55. (Previously Presented) The system of claim 54, wherein said communication 
module is configured for including in said at least part of communication entities directed toward 
said test system communication entities from traffic bound toward said set of machines. 

56. (Previously Presented) The system of claim 54, wherein said communication 
module is configured for including in said at least part of communication entities directed toward 
said test system communication entities from traffic coming from said set of machines. 
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57. (Previously Presented) The system of claim 54, comprising: 

a data base comprising patterns representative of forbidden communication entities for 
communication with said set of machines; and 

a firewall module configured for blocking forbidden communication entities in said 
traffic as identified by respective patterns included in said data base. 

58. (Previously Presented) The system of claim 54, comprising: 

a further data base comprising patterns representative of allowed communication entities 
for communication with said set of machines, 

said communication module being configured for allowing communication of allowed 
communication entities in said traffic as identified by respective patterns included in said further 
data base. 

59. (Previously Presented) The system of claim 57, wherein said communication 
module is configured for: 

detecting unknown communication entities in said traffic as identified by respective 
unknown patterns not included in said data base; and 

directing said unknown communication entities in said traffic as identified by respective 
unknown patterns not included in said data base toward said test system to be run on said test 
facilities to detect possibly adverse effects on said test system. 

60. (Previously Presented) The system of claim 59, wherein said communication 
module is configured for adding to said data base, in the presence of said adverse effect, the 
respective pattern identifying the communication entity leading to said adverse effect. 
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61 . (Previously Presented) The system of claim 58, wherein said communication 
module is configured for: 

detecting unknown communication entities in said traffic as identified by respective 
unknown patterns not included in said further data base; and 

directing said unknown communication entities in said traffic as identified by respective 
unknown patterns not included in said further data base toward said test system to be run on said 
test facilities to detect possibly adverse effects on said test system. 

62. (Previously Presented) The system of claim 61 , wherein said communication 
module is configured for adding to said further data base, in the absence of said adverse effect, 
the respective pattern identifying the communication entity failing to lead to said adverse effect, 

63. (Previously Presented) The system of claim 54, wherein said test facilities in said 
test system are configured to undergo resetting following said adverse effect. 

64. (Previously Presented) The system of claim 54, wherein the machines in said set 
comprise facilities exposed to said adverse effect as well as additional contents, while said test 
facilities replicate said facilities exposed to said adverse effect in the machines in said set. 

65. (Previously Presented) The system of claim 54, wherein the test facilities in said 
test system are inhibited from providing responses to said traffic. 

66. (Previously Presented) The system of claim 54, comprising: 

an in-line component in said communication module ensuring said traffic with said set of 
machines, and 

at least one interface interfacing said in-line component with said test system. 
-8- 
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67. (Previously Presented) The system of claim 66, wherein said test system is 
configured for providing feedback to said in-line component via said at least one interface. 

68. (Previously Presented) The system of claim 66, comprising a management 
network for managing said test system and said test system is configured for providing feedback 
to said in-line component via said management network. 

69. (Previously Presented) The system of claim 60, comprising an associated parallel 
intrusion preventing arrangement comprising a respective data base including patterns 
representative of respective forbidden communication entities for communication with a 
respective set of machines, said communication module being configured for transmitting, in the 
presence of said adverse effect, to said parallel intrusion preventing arrangement, for inclusion in 
said respective data base, the respective pattern identifying the communication entity leading to 
said adverse effect. 

70. (Previously Presented) The system of claim 61 , comprising an associated parallel 
intrusion preventing arrangement comprising a respective further data base comprising patterns 
representative of respective allowed communication entities for communication with a respective 
set of machines, said communication module is being configured for transmitting, in the absence 
of said adverse effect, said parallel intrusion preventing arrangement, for inclusion in said 
respective further data base, the respective pattern identifying the communication entity failing 
to lead to said adverse effect. 

71 . (Previously Presented) A telecommunication network comprising the system of 
any one of claims 54 to 70. 
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72. (Previously Presented) A non-transitory computer readable storage medium 
encoded with a program product loadable into a memory of at least one computer and including 
software portions for performing the steps of the method of any one of claims 37 to 53 when said 
program is run on the at least one computer. 
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